[rsbac] A problem about vsftp

Amon Ott ao at rsbac.org
Fri Feb 20 14:54:51 CET 2004


On Mittwoch, 18. Februar 2004 15:59, �ffffd2�ffffe0 �ffffc1�ffffd6 wrote:
> I'm running rsbac 1.2.2 on kernel 2.4.22.
> In order to use vsftp,i added a new net template named "FTP".
>   Name : FTP
>   No. 3000 
>   Socket Type STREAM
>   Address 0.0.0.0
>   Valid Length 0
>   Protocol TCP
>   Network Device “”
>   Min Port 20
>   Max Port 21
> and a new NETOBJ type FTP . Set the FTP type to the FTP template. 
> Create a new role VSFtp and it has the R_CREATE, R_READ, R_ACCEPT, 
R_CONNECT, R_SEND, R_RECEIVE, R_NET_SHUTDOWN to the NETOBJ  type FTP.
> Set VSFtp as the binary vsftpd's force_role.
> Add auth capbilities to change to "noboby" for vsftpd.

Is the template for a local server or a remote server you want to connect to?

> But when i attempt to connect to the ftp,it returns OOPS:SETUID.
> when RC is on and AUTH is off ,it returns  Permission denied.

How did you create the new role? What does the log say?

If you want to create a new role, you should better copy an existing one - 
otherwise you have a role without any right, not even CHANGE_OWNER on PROCESS 
type 0...

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22



More information about the rsbac mailing list